October 2011 - gatein-issues - Jboss List Archives

[JBoss JIRA] Created: (GTNPORTAL-2143) Wrong configuration for Mixed Layout container

by Vu Viet Phuong (JIRA)

Wrong configuration for Mixed Layout container ---------------------------------------------- Key: GTNPORTAL-2143 URL: https://issues.jboss.org/browse/GTNPORTAL-2143 Project: GateIn Portal Issue Type: Bug Security Level: Public (Everyone can see) Affects Versions: 3.2.0-M01 Reporter: Vu Viet Phuong Assignee: Vu Viet Phuong - Login as Root, edit a page - DnD a Mixed Layout container - Drag a column in that container, but can drop it to origin position That cause by wrong configuration for Mixed Layout Container in GATEIN/web/portal/src/main/webapp/WEB-INF/conf/uiconf/portal/webui/container/ContainerConfigOption.groovy should use UIColumnContainer.gtmpl instead of UIContainer.gtmpl for the table column container in the mixed layout container -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years, 9 months

3
2
0 / 0

[JBoss JIRA] Created: (GTNPORTAL-2149) Error is thrown in log when edit properties of group navigation

by Thomas Heute (JIRA)

Error is thrown in log when edit properties of group navigation --------------------------------------------------------------- Key: GTNPORTAL-2149 URL: https://issues.jboss.org/browse/GTNPORTAL-2149 Project: GateIn Portal Issue Type: Bug Security Level: Public (Everyone can see) Reporter: Thomas Heute Fix For: 3.2.0-M02 * sign in * go to Group Management * Edit Properties of any group navigation * Save -> NPE in log (attached) -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years, 9 months

3
3
0 / 0

[JBoss JIRA] Created: (GTNPORTAL-2039) 404 Page on Failed Login attemp followed by correct login

by Matt Wringe (JIRA)

404 Page on Failed Login attemp followed by correct login --------------------------------------------------------- Key: GTNPORTAL-2039 URL: https://issues.jboss.org/browse/GTNPORTAL-2039 Project: GateIn Portal Issue Type: Bug Security Level: Public (Everyone can see) Reporter: Matt Wringe Steps to Reproduce: 1) click on 'sign in' link in top right corner of portal 2) enter the wrong password. This will redirect you to the login page 3) enter the wrong password again on the login page 4) enter the right password on the login page. You will be redirected to http://localhost:8080/portal/j_security_check?j_username=root which results in a 404 error 5) if you enter the portal url, you will be logged into the portal Note: you need to enter the incorrect password twice. If you only enter the incorrect password in the popup and enter the correct password on the login page, then it will work as expected. -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years, 9 months

3
5
0 / 0

[JBoss JIRA] Created: (GTNPORTAL-2147) Update SSO component to work with the latest GateIn

by Matt Wringe (JIRA)

Update SSO component to work with the latest GateIn --------------------------------------------------- Key: GTNPORTAL-2147 URL: https://issues.jboss.org/browse/GTNPORTAL-2147 Project: GateIn Portal Issue Type: Bug Security Level: Public (Everyone can see) Reporter: Matt Wringe Need to update the SSO component to work with the latest GateIn code base. - Update the code to work with the current login implementations - Update the documentation to take into affect the changes. -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years, 9 months

2
3
0 / 0

[JBoss JIRA] Created: (GTNPORTAL-2109) Replication error when login user (cluster profile)

by Marek Posolda (JIRA)

Replication error when login user (cluster profile) --------------------------------------------------- Key: GTNPORTAL-2109 URL: https://issues.jboss.org/browse/GTNPORTAL-2109 Project: GateIn Portal Issue Type: Bug Security Level: Public (Everyone can see) Affects Versions: 3.2.0-M01 Environment: JBoss EPP 5.2.0 ER1 Reporter: Marek Posolda Fix For: 3.2.0-M02 See JBEPP-1187 -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years, 9 months

2
1
0 / 0

[JBoss JIRA] Created: (GTNWSRP-245) Upgrade Chromattic to 1.1.0

by Chris Laprun (JIRA)

Upgrade Chromattic to 1.1.0 --------------------------- Key: GTNWSRP-245 URL: https://issues.jboss.org/browse/GTNWSRP-245 Project: GateIn WSRP Issue Type: Task Affects Versions: 2.1.0-Beta06 Reporter: Chris Laprun Assignee: Chris Laprun Fix For: 2.1.0-Beta07 -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years, 9 months

1
1
0 / 0

[JBoss JIRA] Created: (GTNPORTAL-2141) Show correct import mode in logger during MOP import.

by Nick Scavelli (JIRA)

Show correct import mode in logger during MOP import. ----------------------------------------------------- Key: GTNPORTAL-2141 URL: https://issues.jboss.org/browse/GTNPORTAL-2141 Project: GateIn Portal Issue Type: Bug Security Level: Public (Everyone can see) Components: Management Affects Versions: 3.2.0-M02 Reporter: Nick Scavelli Assignee: Nick Scavelli Priority: Minor When import mode attribute is not specified for import operation, 'null' is printed for the import mode in log output. -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years, 9 months

1
1
0 / 0

[JBoss JIRA] Created: (GTNPORTAL-2148) Detect reentrancy in future cache to prevent self deadlock

by Julien Viet (JIRA)

Detect reentrancy in future cache to prevent self deadlock ---------------------------------------------------------- Key: GTNPORTAL-2148 URL: https://issues.jboss.org/browse/GTNPORTAL-2148 Project: GateIn Portal Issue Type: Task Security Level: Public (Everyone can see) Affects Versions: 3.2.0-M02 Reporter: Julien Viet Assignee: Julien Viet -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years, 9 months

1
1
0 / 0

[JBoss JIRA] Created: (GTNPORTAL-2090) XSS issue in application select permission editor

by Khoi Nguyen (JIRA)

XSS issue in application select permission editor ------------------------------------------------- Key: GTNPORTAL-2090 URL: https://issues.jboss.org/browse/GTNPORTAL-2090 Project: GateIn Portal Issue Type: Bug Security Level: Public (Everyone can see) Reporter: Khoi Nguyen 1/ Create new group with label is <script>alert(1)</script> 2/ Go to application, an alert appear The problem is that the script in group label is executed in permission selector window -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years, 9 months

2
1
0 / 0

[JBoss JIRA] Created: (GTNPORTAL-2073) XSS encoding in UIFormTextAreaInput.java

by Honza Fnukal (JIRA)

XSS encoding in UIFormTextAreaInput.java ---------------------------------------- Key: GTNPORTAL-2073 URL: https://issues.jboss.org/browse/GTNPORTAL-2073 Project: GateIn Portal Issue Type: Enhancement Security Level: Public (Everyone can see) Reporter: Honza Fnukal Fight place where to encode value is when rendering as this is UI component responsibility. This component is used by many others, and some pass value encoded, some not. Eg: In UIGadgetEditor is this method and it encodes value, this cause double encoding: public void processRender(WebuiRequestContext context) throws Exception { UIFormTextAreaInput uiInputSource = getUIFormTextAreaInput(FIELD_SOURCE); UIFormStringInput uiInputName = getUIStringInput(FIELD_NAME); String encoded = StringEscapeUtils.escapeHtml(StringEscapeUtils.unescapeHtml(uiInputSource.getValue())); uiInputSource.setValue(encoded); if(this.isEdit()) { uiInputName.setEditable(false); } super.processRender(context); } There is probably more code like this, I thin the best is clean it up here. Unfortunately it is probably in SP in similar way too. If we disable encoding in UIFormTextAreaInput, it will fix double encoding, but enable XSS where it is not encoded. This task track such places and remove encoding from other places. -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years, 9 months

3
2
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

gatein-issues October 2011